package uk.co.hs.web.controller.admin;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.MessageSource;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataIntegrityViolationException;
import org.springframework.orm.hibernate3.HibernateOptimisticLockingFailureException;
import org.springframework.stereotype.Controller;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

import uk.co.hs.constants.AdminGeneralConstants;
import uk.co.hs.domain.web.WebUser;
import uk.co.hs.exceptions.DataAccessExceptions;
import uk.co.hs.service.admin.interfaces.WebUserServiceInterface;
import uk.co.hs.web.command.admin.PasswordResetCommand;
import uk.co.hs.web.interceptor.TabsAccessibilityInterceptor;

/**
 * ExpiredPasswordController.
 */
@Controller("hs_expiredPasswordController")
@RequestMapping("/" + TabsAccessibilityInterceptor.EXPIRED_PASSWORD_URL)
@SessionAttributes(AdminGeneralConstants.ADMIN_COMMAND)
public class ExpiredPasswordController
{
  @Resource
  private WebUserServiceInterface mUserService;

  @Autowired(required=true)
  @Qualifier("messageSource")
  private MessageSource mMessageSource;

  /**
   * Form Backing Object.
   *
   * @param aRequest HttpServletRequest
   * @return ModelAndView
   */
  @RequestMapping(method = RequestMethod.GET)
  protected ModelAndView formBackingObject(HttpServletRequest aRequest)
  {
  	String userName = aRequest.getParameter("user");
    WebUser userToChange = mUserService.getWebUser(userName);
    PasswordResetCommand command = new PasswordResetCommand();
    if (userToChange != null)
    {
      command.setUsername(userToChange.getUsername());
    }
    return new ModelAndView(getView()).addObject(AdminGeneralConstants.ADMIN_COMMAND, command);
  }

  /**
   * Save Detail.
   *
   * @param aRequest HttpServletRequest
   * @param aCommand PasswordResetCommand
   * @param aErrors Errors
   * @return ModelAndView
   */
  @RequestMapping(params = "adminRequestedAction" + "=save", method = RequestMethod.POST)
  public ModelAndView saveDetail(HttpServletRequest aRequest,
                                 @ModelAttribute(AdminGeneralConstants.ADMIN_COMMAND)
                                            PasswordResetCommand aCommand,
                                 Errors aErrors)
  {
  	String errorMessage = null;
    String errorParam = null;
    try
    {
      mUserService.changePassword(aCommand.getUsername(), aCommand.getNewPasswordConfirmation());
    }
    catch (DataIntegrityViolationException aException)
    {
      errorMessage = DataAccessExceptions.DATA_INTEGRITY_VIOLATION;
      errorParam = "Password";
    }
    catch (HibernateOptimisticLockingFailureException aException)
    {
      errorMessage = DataAccessExceptions.ALREADY_UPDATED;
      errorParam = "Password";
    }
    catch (DataAccessException aException)
    {
      errorMessage = DataAccessExceptions.DATA_ACCESS_FAILURE;
      errorParam = "Password";
    }
    catch (Exception aException)
    {
      errorMessage = DataAccessExceptions.UNKNOWN;
      errorParam = aException.getMessage();
    }

    if (errorMessage != null)
    {
      aErrors.reject(errorMessage, new String[] {errorParam}, errorMessage);
      return new ModelAndView(getView()).addObject(AdminGeneralConstants.ADMIN_COMMAND, aCommand);
    }
    return new ModelAndView(new RedirectView(TabsAccessibilityInterceptor.LOGIN_URL));
  }

  private String getView()
  {
    return "hs_ExpiredPasswordView";
  }
}
